Skip to content

Commit

Permalink
Merge pull request #423 from reef-technologies/yed/fix-large-file-key-id
Browse files Browse the repository at this point in the history
fix large file missing SSE-C key ID
  • Loading branch information
mjurbanski-reef authored Sep 27, 2023
2 parents f0424e3 + 0fe4f59 commit 874089d
Show file tree
Hide file tree
Showing 4 changed files with 50 additions and 3 deletions.
5 changes: 5 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

## [Unreleased]

### Fixed
* Fix missing key ID for large file encrypted with SSE-C
* Fix concatenating error message when message is None


## [1.24.0] - 2023-08-31

### Added
Expand Down
3 changes: 3 additions & 0 deletions b2sdk/raw_api.py
Original file line number Diff line number Diff line change
Expand Up @@ -758,6 +758,9 @@ def start_large_file(
)
kwargs['serverSideEncryption'] = server_side_encryption.serialize_to_json_for_request()

if server_side_encryption.mode == EncryptionMode.SSE_C:
file_info = server_side_encryption.add_key_id_to_file_info(file_info)

if legal_hold is not None:
kwargs['legalHold'] = legal_hold.to_server()

Expand Down
4 changes: 1 addition & 3 deletions b2sdk/session.py
Original file line number Diff line number Diff line change
Expand Up @@ -508,9 +508,7 @@ def _add_app_key_info_to_unauthorized(self, unauthorized):
key_messages.append('with no restrictions')

# Make a new message
new_message = unauthorized.message
if new_message == '':
new_message = 'unauthorized'
new_message = unauthorized.message or 'unauthorized'
new_message += ' for application key ' + ', '.join(key_messages)

return Unauthorized(new_message, unauthorized.code)
Expand Down
41 changes: 41 additions & 0 deletions test/integration/test_upload.py
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,14 @@

import io

from b2sdk.b2http import B2Http
from b2sdk.encryption.setting import EncryptionKey, EncryptionSetting
from b2sdk.encryption.types import EncryptionAlgorithm, EncryptionMode
from b2sdk.v2 import B2RawHTTPApi

from .base import IntegrationTestBase
from .fixtures import b2_auth_data # noqa
from .test_raw_api import authorize_raw_api


class TestUnboundStreamUpload(IntegrationTestBase):
Expand All @@ -38,3 +44,38 @@ def test_streamed_large_buffer_small_part_size(self):
data = b'a large data content' * 512 * 1024
# 5mb, the smallest allowed part size
self.assert_data_uploaded_via_stream(data, part_size=5 * 1024 * 1024)


class TestUploadLargeFile(IntegrationTestBase):
def test_ssec_key_id(self):
sse_c = EncryptionSetting(
mode=EncryptionMode.SSE_C,
algorithm=EncryptionAlgorithm.AES256,
key=EncryptionKey(secret=b'********************************', key_id='some-id'),
)

raw_api = B2RawHTTPApi(B2Http())

auth_dict = authorize_raw_api(raw_api)
account_auth_token = auth_dict['authorizationToken']
api_url = auth_dict['apiUrl']
bucket = self.create_bucket()

large_info = raw_api.start_large_file(
api_url,
account_auth_token,
bucket.id_,
'test_largefile_sse_c.txt',
'text/plain',
None,
server_side_encryption=sse_c,
)

assert large_info['fileInfo'] == {
'sse_c_key_id': sse_c.key.key_id,
}
assert large_info['serverSideEncryption'] == {
'algorithm': 'AES256',
'customerKeyMd5': 'SaaDheEjzuynJH8eW6AEpQ==',
'mode': 'SSE-C',
}

0 comments on commit 874089d

Please sign in to comment.